ESL SBOMator | Direct NVD Links

ESL SBOMator

Professional SBOM Analysis & Vulnerability Management

www.eswlab.com | Engineering Software Lab

ESL SBOMator Logo

ESL SBOMator

Project in Report:

nRF5_SDK_17.1.0_ddde560

60

Total Components

4

Vulnerable Components

19

Total CVEs

6.7%

Components with Known CVEs

0

Ransomware CVEs

Used in ransomware campaigns

0

Weaponized CVEs

Actively exploited in wild

19

No Known Exploitation

CVEs without active exploitation

🏢 Vendor/Manufacturer Distribution

Unknown
30 components
50.0%
Nordic Semiconductor
9 components
15.0%
Nordic Semiconductor / ARM
5 components
8.3%
Octo AS / Nordic Semiconductor
4 components
6.7%
ARM
3 components
5.0%

Vulnerability Severity Distribution

6 Critical
9 High
4 Medium
0 Low

Click any CVE ID below to view detailed vulnerability information on the National Vulnerability Database

Component Vulnerability Analysis

Threat-Based Prioritization: Components are sorted by security threat level: RANSOMWARE WEAPONIZED Standard CVEs No CVEs
Component Version Type Vendor/Manufacturer License CVEs Score Severity Vulnerabilities (Click CVE IDs for Details)
FreeRTOS 9.0.0 library 🏭 Amazon Web Services MIT 4 9.8 Critical CVE-2021-31571 CVE-2021-31572 CVE-2021-32020 CVE-2024-28115
FreeRTOS-Kernel 9.0.0 library 🏭 Amazon Web Services MIT 5 9.8 Critical CVE-2024-12084 CVE-2022-21505 CVE-2022-21385 CVE-2023-5981
CVE-2023-22024
Oberon Mbed TLS Backend 3.0.8 library 🏭 Octo AS / Nordic Semiconductor BSD-3-Clause 5 9.8 Critical CVE-2022-46393 CVE-2022-35409 CVE-2025-47917 CVE-2024-28960
CVE-2025-52496
Mbed TLS 2.16.10 library 🏭 ARM Apache-2.0 5 8.9 High CVE-2025-47917 CVE-2024-28960 CVE-2025-52496 CVE-2021-45451
CVE-2021-43666
nRF CC310 0.9.13 library 🏭 Nordic Semiconductor / ARM Nordic-5-Clause 0 0.0 No CVEs None
nRF Oberon 3.0.8 library 🏭 Nordic Semiconductor Nordic-5-Clause 0 0.0 No CVEs None
CMSIS-DSP (Cortex-M4 with FPU) 5.x library 🏭 ARM Apache-2.0 0 0.0 No CVEs None
CMSIS-DSP (Cortex-M4 without FPU) 5.x library 🏭 ARM Apache-2.0 0 0.0 No CVEs None
IEEE 802.15.4 Stack unknown library 🏭 Nordic Semiconductor Nordic-5-Clause 0 0.0 No CVEs None
Gazell unknown library 🏭 Nordic Semiconductor Nordic-5-Clause 0 0.0 No CVEs None
SoftDevice S112 7.2.0 library 🏭 Nordic Semiconductor Nordic-5-Clause 0 0.0 No CVEs None
SoftDevice S113 7.2.0 library 🏭 Nordic Semiconductor Nordic-5-Clause 0 0.0 No CVEs None
SoftDevice S132 7.2.0 library 🏭 Nordic Semiconductor Nordic-5-Clause 0 0.0 No CVEs None
SoftDevice S140 7.2.0 library 🏭 Nordic Semiconductor Nordic-5-Clause 0 0.0 No CVEs None
cJSON unknown library 🏭 Dave Gamble MIT 0 0.0 No CVEs None
FatFs unknown library 🏭 ChaN BSD-1-Clause 0 0.0 No CVEs None
lwIP unknown library 🏭 Swedish Institute of Computer Science BSD-3-Clause 0 0.0 No CVEs None
micro-ecc unknown library 🏭 Ken MacKay BSD-2-Clause 0 0.0 No CVEs None
SEGGER RTT unknown library 🏭 SEGGER Microcontroller SEGGER-RTT 0 0.0 No CVEs None
Tile Library sdk-17.1.0 library 🏭 Tile Inc Proprietary 0 0.0 No CVEs None
NFC Type 2 Tag Library 17.1.0 library 🏭 Nordic Semiconductor Nordic-5-Clause 0 0.0 No CVEs None
NFC Type 4 Tag Library 17.1.0 library 🏭 Nordic Semiconductor Nordic-5-Clause 0 0.0 No CVEs None
Oberon Crypto Library detected library 🏭 Octo AS / Nordic Semiconductor Unknown 0 0.0 No CVEs None
Oberon Crypto Library 3.0.8 library 🏭 Octo AS / Nordic Semiconductor BSD-3-Clause 0 0.0 No CVEs None
Oberon Crypto Library 3.0.8 library 🏭 Octo AS / Nordic Semiconductor BSD-3-Clause 0 0.0 No CVEs None
nRF CC310 Crypto Library 0.9.13 library 🏭 Nordic Semiconductor / ARM Proprietary 0 0.0 No CVEs None
nRF CC310 Crypto Library 0.9.13 library 🏭 Nordic Semiconductor / ARM Proprietary 0 0.0 No CVEs None
libarm_cortexM4lf_math sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
libarm_cortexM4l_math sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf51_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf51_sd_resources_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52810_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52810_sd_resources_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52811_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52811_sd_resources_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52840_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52840_sd_resources_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52_sd_resources_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf51_iar sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf51_sd_resources_iar sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52840_iar sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52840_sd_resources_iar sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52_iar sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52_sd_resources_iar sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
802_15_4_lib_gcc sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
802_15_4_lib_iar sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
Tile Tracker Library sdk-17.1.0 library 🏭 Tile Inc / Nordic Semiconductor Proprietary 0 0.0 No CVEs None
oberon_3.0.8 3.0.8 library 🏢 Unknown Unknown 0 0.0 No CVEs None
nRF CC310 Crypto Library 0.9.13 library 🏭 Nordic Semiconductor / ARM Proprietary 0 0.0 No CVEs None
nRF CC310 Crypto Library 0.9.13 library 🏭 Nordic Semiconductor / ARM Proprietary 0 0.0 No CVEs None
arm_cortexM4lf_math sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
arm_cortexM4l_math sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf51_arm sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf51_sd_resources_arm sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52840_arm sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52840_sd_resources_arm sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52_arm sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
gzll_nrf52_sd_resources_arm sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None
802_15_4_lib_keil sdk-17.1.0 library 🏢 Unknown Unknown 0 0.0 No CVEs None

Report Generation Details

Technical Details

Generated: 2026-01-12 09:40:49

Source File: NRF-SDK_17_1_0_sbom.json

Enhancement: Not enhanced

Vulnerability Database

CISA KEV Integration: Active Exploitation Detection

Processing: Local Database (Fast)

Coverage: Standard

FDA/NTIA Compliance
📋 Supplier Field Coverage: 30/60 components (50.0%)
FDA requires supplier identification for medical device SBOM submissions
ESL SBOMator

Professional SBOM Solution

Engineering Software Lab

Security & Compliance Tools

Contact Information

www.eswlab.com
sales@eswlab.com